Merge branch 'master' of https://github.com/yhackerbv/VulnNottiProject
Showing
10 changed files
with
239 additions
and
179 deletions
... | @@ -25,21 +25,14 @@ namespace DownloaderGithubClone | ... | @@ -25,21 +25,14 @@ namespace DownloaderGithubClone |
25 | Console.Write("Git Repository URL을 입력하세요 : "); | 25 | Console.Write("Git Repository URL을 입력하세요 : "); |
26 | string url = Console.ReadLine(); | 26 | string url = Console.ReadLine(); |
27 | //https://github.com/django/django.git | 27 | //https://github.com/django/django.git |
28 | - | ||
29 | - | ||
30 | string pattern = @"https://github.com/.+/(?<ProjectName>.+)\.(.+)"; | 28 | string pattern = @"https://github.com/.+/(?<ProjectName>.+)\.(.+)"; |
31 | - | ||
32 | var match = Regex.Match(url, pattern); | 29 | var match = Regex.Match(url, pattern); |
33 | - | ||
34 | if (!match.Success) { | 30 | if (!match.Success) { |
35 | Console.WriteLine($"패턴이 맞지 않습니다. Pattern : {pattern}"); | 31 | Console.WriteLine($"패턴이 맞지 않습니다. Pattern : {pattern}"); |
36 | return; | 32 | return; |
37 | } | 33 | } |
38 | - | ||
39 | - | ||
40 | string prName = match.Groups["ProjectName"].Value; | 34 | string prName = match.Groups["ProjectName"].Value; |
41 | Console.WriteLine(prName); | 35 | Console.WriteLine(prName); |
42 | - | ||
43 | int idx = 1; | 36 | int idx = 1; |
44 | string path = Path.Combine(dir, prName); | 37 | string path = Path.Combine(dir, prName); |
45 | if (Directory.Exists(path)) { | 38 | if (Directory.Exists(path)) { | ... | ... |
... | @@ -64,7 +64,7 @@ namespace VulnCrawler | ... | @@ -64,7 +64,7 @@ namespace VulnCrawler |
64 | } | 64 | } |
65 | 65 | ||
66 | /* 메인 동작 함수 */ | 66 | /* 메인 동작 함수 */ |
67 | - public static void Run() { | 67 | + public static void Run() { |
68 | // Repository 폴더들이 있는 주소를 지정하면 하위 폴더 목록을 가져옴(Repository 목록) | 68 | // Repository 폴더들이 있는 주소를 지정하면 하위 폴더 목록을 가져옴(Repository 목록) |
69 | Regex.CacheSize = 50; | 69 | Regex.CacheSize = 50; |
70 | 70 | ||
... | @@ -80,17 +80,17 @@ namespace VulnCrawler | ... | @@ -80,17 +80,17 @@ namespace VulnCrawler |
80 | // Repository 목록 만큼 반복함. | 80 | // Repository 목록 만큼 반복함. |
81 | foreach (var directory in directorys) { | 81 | foreach (var directory in directorys) { |
82 | /* 폴더 중에 linux가 있으면 잠깐 넘어감 (너무 커서 테스트 힘듦) */ | 82 | /* 폴더 중에 linux가 있으면 잠깐 넘어감 (너무 커서 테스트 힘듦) */ |
83 | - if (directory.Contains("linux")) | 83 | + if (directory.Contains("~")) |
84 | { | 84 | { |
85 | - // continue; | 85 | + continue; |
86 | } | 86 | } |
87 | // 템플릿 패턴화 T : VulnAbstractCrawler | 87 | // 템플릿 패턴화 T : VulnAbstractCrawler |
88 | VulnWorker.Run<VulnC>(directory); | 88 | VulnWorker.Run<VulnC>(directory); |
89 | } | 89 | } |
90 | stopwatch.Stop(); | 90 | stopwatch.Stop(); |
91 | - var hours = stopwatch.Elapsed.TotalHours; | 91 | + var hours = stopwatch.Elapsed.Hours; |
92 | - var minutes = stopwatch.Elapsed.TotalMinutes; | 92 | + var minutes = stopwatch.Elapsed.Minutes; |
93 | - var seconds = stopwatch.Elapsed.TotalSeconds; | 93 | + var seconds = stopwatch.Elapsed.Seconds; |
94 | 94 | ||
95 | Console.WriteLine($"경과 시간 {hours.ToString("00")}:{minutes.ToString("00")}:{seconds.ToString("00")}"); | 95 | Console.WriteLine($"경과 시간 {hours.ToString("00")}:{minutes.ToString("00")}:{seconds.ToString("00")}"); |
96 | 96 | ... | ... |
... | @@ -31,7 +31,7 @@ namespace VulnCrawler | ... | @@ -31,7 +31,7 @@ namespace VulnCrawler |
31 | public string FuncName { get; set; } | 31 | public string FuncName { get; set; } |
32 | public string Hash { get; set; } | 32 | public string Hash { get; set; } |
33 | public string Path { get; set; } | 33 | public string Path { get; set; } |
34 | - | 34 | + public string Url { get; set; } |
35 | public override bool Equals(object obj) | 35 | public override bool Equals(object obj) |
36 | { | 36 | { |
37 | var block = obj as UserBlock; | 37 | var block = obj as UserBlock; |
... | @@ -131,14 +131,15 @@ namespace VulnCrawler | ... | @@ -131,14 +131,15 @@ namespace VulnCrawler |
131 | /// <summary> | 131 | /// <summary> |
132 | /// 커밋에서 검색할 정규식 문자열 | 132 | /// 커밋에서 검색할 정규식 문자열 |
133 | /// </summary> | 133 | /// </summary> |
134 | - public string SearchCommitPattern => @"CVE[ -]\d{4}[ -]\d{4}"; | 134 | + public string SearchCommitPattern => @"CVE[ -](201[5-8])[ -](\d{4,})"; |
135 | /// <summary> | 135 | /// <summary> |
136 | /// 패치 코드에서 함수 찾을 정규식 패턴 문자열 | 136 | /// 패치 코드에서 함수 찾을 정규식 패턴 문자열 |
137 | /// </summary> | 137 | /// </summary> |
138 | protected abstract string RegexFuncPattern { get; } | 138 | protected abstract string RegexFuncPattern { get; } |
139 | + protected abstract string UserRegexFuncPattern { get; } | ||
139 | protected abstract string Extension { get; } | 140 | protected abstract string Extension { get; } |
140 | public virtual IEnumerable<PatchEntryChanges> GetPatchEntryChanges(Patch patch) { | 141 | public virtual IEnumerable<PatchEntryChanges> GetPatchEntryChanges(Patch patch) { |
141 | - return patch.Where(e => e.Path.EndsWith(Extension)).ToList(); | 142 | + return patch.Where(e => e.Path.EndsWith(Extension) && e.Status == ChangeKind.Modified).ToList(); |
142 | } | 143 | } |
143 | /// <summary> | 144 | /// <summary> |
144 | /// 정규식을 이용하여 @@ -\d,\d +\d,\d @@ MethodName(): 이런 패턴을 찾고 | 145 | /// 정규식을 이용하여 @@ -\d,\d +\d,\d @@ MethodName(): 이런 패턴을 찾고 |
... | @@ -158,108 +159,11 @@ namespace VulnCrawler | ... | @@ -158,108 +159,11 @@ namespace VulnCrawler |
158 | public abstract IDictionary<int, IEnumerable<UserBlock>> CrawlUserCode(StreamReader reader); | 159 | public abstract IDictionary<int, IEnumerable<UserBlock>> CrawlUserCode(StreamReader reader); |
159 | 160 | ||
160 | protected abstract IList<Block> GetCriticalBlocks(string srcCode, IEnumerable<string> criticalList); | 161 | protected abstract IList<Block> GetCriticalBlocks(string srcCode, IEnumerable<string> criticalList); |
161 | - /// <summary> | ||
162 | - /// 성능 개선을 위한 | ||
163 | - /// 코드 라인 위치 기반 취약 원본 함수 추출 테스트용 함수 곧 삭제 예정 | ||
164 | - /// </summary> | ||
165 | - public string GetOriginalFuncTest(Stream oldStream, string methodName, int start) | ||
166 | - { | ||
167 | - StringBuilder oldBuilder = new StringBuilder(); | ||
168 | - | ||
169 | - using (var reader = new StreamReader(oldStream)) | ||
170 | - { | ||
171 | - bool found = false; | ||
172 | - bool found2 = false; | ||
173 | - bool commentLine = false; | ||
174 | - int bracketCount = -1; | ||
175 | - string stringPattern = @"[""].*[""]"; | ||
176 | - string commentPattern = @"\/\*.+\*\/"; | ||
177 | - string commentPattern2 = @"\/\*"; | ||
178 | - string commentPattern3 = @"\*\/"; | ||
179 | - int readCount = 0; | ||
180 | - Queue<string> tempQ = new Queue<string>(); | ||
181 | - while (!reader.EndOfStream) | ||
182 | - { | ||
183 | - string line = reader.ReadLine(); | ||
184 | - if (readCount++ < start) | ||
185 | - { | ||
186 | - tempQ.Enqueue(line); | ||
187 | - continue; | ||
188 | - } | ||
189 | - Stack<string> tempStack = new Stack<string>(); | ||
190 | - while (tempQ.Count > 0) | ||
191 | - { | ||
192 | - string s = tempQ.Dequeue(); | ||
193 | - tempStack.Push(s); | ||
194 | - string method = Regex.Escape(methodName); | ||
195 | - if (Regex.Match(s, $"{method}").Success) | ||
196 | - { | ||
197 | - break; | ||
198 | - } | ||
199 | - } | ||
200 | - while (tempStack.Count > 0) | ||
201 | - { | ||
202 | - string s = tempStack.Pop(); | ||
203 | - string trim = s.Trim(); | ||
204 | - if (commentLine) | ||
205 | - { | ||
206 | - if (Regex.IsMatch(trim, commentPattern3)) | ||
207 | - { | ||
208 | - commentLine = false; | ||
209 | - trim = Regex.Split(trim, commentPattern3)[1]; | ||
210 | - } | ||
211 | - continue; | ||
212 | - } | ||
213 | - string removeString = Regex.Replace(trim, stringPattern, ""); | ||
214 | - // /* ~ 패턴 | ||
215 | - if (Regex.IsMatch(trim, commentPattern2)) | ||
216 | - { | ||
217 | - // /* ~ */ 패턴이 아닌 경우 | ||
218 | - if (!Regex.IsMatch(trim, commentPattern)) | ||
219 | - { | ||
220 | - commentLine = true; | ||
221 | - } | ||
222 | - trim = Regex.Split(trim, "/*")[0]; | ||
223 | - } | ||
224 | - if (string.IsNullOrWhiteSpace(trim)) | ||
225 | - { | ||
226 | - continue; | ||
227 | - } | ||
228 | - int openBracketCount = removeString.Count(c => c == '{'); | ||
229 | - int closeBracketCount = removeString.Count(c => c == '}'); | ||
230 | - int subtract = openBracketCount - closeBracketCount; | ||
231 | - bracketCount += subtract; | ||
232 | - // 메서드 시작 괄호 찾은 경우 | ||
233 | - if (found2) | ||
234 | - { | ||
235 | - // 괄호가 모두 닫혔으니 종료 | ||
236 | - if (bracketCount < 0) | ||
237 | - { | ||
238 | - // Console.WriteLine("괄호끝"); | ||
239 | - break; | ||
240 | - } | ||
241 | - // oldBuilder.AppendLine(line); | ||
242 | - } | ||
243 | - else | ||
244 | - { | ||
245 | - if (openBracketCount > 0) | ||
246 | - { | ||
247 | - found2 = true; | ||
248 | - } | ||
249 | - | ||
250 | - } | ||
251 | - oldBuilder.AppendLine(s); | ||
252 | - } | ||
253 | - } | ||
254 | - } | ||
255 | - Console.WriteLine("찾음"); | ||
256 | - Console.WriteLine(oldBuilder.ToString()); | ||
257 | - Console.ReadLine(); | ||
258 | 162 | ||
259 | - return oldBuilder.ToString(); | ||
260 | - } | ||
261 | public abstract IDictionary<string, IEnumerable<string>> ExtractGitCriticalMethodTable(string srcCode); | 163 | public abstract IDictionary<string, IEnumerable<string>> ExtractGitCriticalMethodTable(string srcCode); |
262 | 164 | ||
165 | + public abstract IDictionary<string, string> CrawlCode(StreamReader reader); | ||
166 | + | ||
263 | public abstract string Abstract(string blockCode, IDictionary<string, string> dict, IDictionary<string, string> methodDict); | 167 | public abstract string Abstract(string blockCode, IDictionary<string, string> dict, IDictionary<string, string> methodDict); |
264 | /// <summary> | 168 | /// <summary> |
265 | /// 패치 전 코드 파일과 크리티컬 메서드 테이블로 부터 크리티컬 블록 추출 | 169 | /// 패치 전 코드 파일과 크리티컬 메서드 테이블로 부터 크리티컬 블록 추출 |
... | @@ -268,54 +172,42 @@ namespace VulnCrawler | ... | @@ -268,54 +172,42 @@ namespace VulnCrawler |
268 | /// <param name="table">크리티컬 메서드 테이블(Key: 메서드 이름, Value: 변수 리스트)</param> | 172 | /// <param name="table">크리티컬 메서드 테이블(Key: 메서드 이름, Value: 변수 리스트)</param> |
269 | /// <returns></returns> | 173 | /// <returns></returns> |
270 | public virtual IEnumerable<(string methodName, string oriFunc, IList<Block> blocks)> Process(Blob oldBlob, IDictionary<string, IEnumerable<string>> table) { | 174 | public virtual IEnumerable<(string methodName, string oriFunc, IList<Block> blocks)> Process(Blob oldBlob, IDictionary<string, IEnumerable<string>> table) { |
271 | - foreach (var item in table) | 175 | + |
176 | + // 패치 전 원본 파일 스트림 | ||
177 | + Stream oldStream = oldBlob.GetContentStream(); | ||
178 | + using (var reader = new StreamReader(oldStream)) | ||
272 | { | 179 | { |
273 | - var methodTable = new Dictionary<string, string>(); | 180 | + var dict = CrawlCode(reader); |
274 | - var varTable = new Dictionary<string, string>(); | 181 | + |
275 | - // 메서드 이름 | 182 | + foreach (var item in table) |
276 | - string methodName = item.Key; | ||
277 | - // 패치 전 원본 파일 스트림 | ||
278 | - Stream oldStream = oldBlob.GetContentStream(); | ||
279 | - // 패치 전 원본 함수 구하고 | ||
280 | - string func = GetOriginalFunc(oldStream, methodName); | ||
281 | - | ||
282 | - string bs = string.Empty; | ||
283 | - string md5 = string.Empty; | ||
284 | - if (item.Value.Count() != 0) | ||
285 | { | 183 | { |
286 | - //Console.WriteLine("크리티컬 변수 목록"); | 184 | + var methodTable = new Dictionary<string, string>(); |
287 | - //Console.ForegroundColor = ConsoleColor.Cyan; | 185 | + var varTable = new Dictionary<string, string>(); |
288 | - //foreach (var c in item.Value) | 186 | + // 메서드 이름 |
289 | - //{ | 187 | + string methodName = item.Key; |
290 | - // Console.WriteLine(c); | 188 | + |
291 | - //} | 189 | + // 패치 전 원본 함수 구하고 |
292 | - //Console.ResetColor(); | 190 | + string func = string.Empty; |
293 | - //Console.WriteLine("-------------------"); | 191 | + |
192 | + | ||
193 | + foreach (var pair in dict) | ||
194 | + { | ||
195 | + if (pair.Key.Contains(methodName)) | ||
196 | + { | ||
197 | + func = pair.Value; | ||
198 | + break; | ||
199 | + } | ||
200 | + } | ||
201 | + | ||
202 | + | ||
203 | + | ||
204 | + | ||
294 | // 크리티컬 블록 추출 | 205 | // 크리티컬 블록 추출 |
295 | var blocks = new List<Block>(); | 206 | var blocks = new List<Block>(); |
296 | - //var blocks = GetCriticalBlocks(func, item.Value).ToList(); | ||
297 | - //if (blocks == null) | ||
298 | - //{ | ||
299 | - // continue; | ||
300 | - //} | ||
301 | - //foreach (var block in blocks) | ||
302 | - //{ | ||
303 | - | ||
304 | - // block.CriticalList = item.Value; | ||
305 | - // /* 추상화 및 정규화 */ | ||
306 | - // block.AbsCode = Abstract(block.Code, varTable, methodTable); | ||
307 | - // block.Hash = MD5HashFunc(block.AbsCode); | ||
308 | - | ||
309 | - //} | ||
310 | - /* 추상화 변환 테이블 출력 */ | ||
311 | - //foreach (var var in varTable) | ||
312 | - //{ | ||
313 | - // Console.WriteLine($"{var.Key}, {var.Value}"); | ||
314 | - //} | ||
315 | - | ||
316 | yield return (methodName, func, blocks); | 207 | yield return (methodName, func, blocks); |
208 | + | ||
209 | + | ||
317 | } | 210 | } |
318 | - | ||
319 | } | 211 | } |
320 | } | 212 | } |
321 | /// <summary> | 213 | /// <summary> |
... | @@ -349,7 +241,7 @@ namespace VulnCrawler | ... | @@ -349,7 +241,7 @@ namespace VulnCrawler |
349 | var match = Regex.Match(msg, SearchCommitPattern, RegexOptions.IgnoreCase); | 241 | var match = Regex.Match(msg, SearchCommitPattern, RegexOptions.IgnoreCase); |
350 | 242 | ||
351 | if (match.Success) { | 243 | if (match.Success) { |
352 | - return match.Value; | 244 | + return $"CVE-{match.Groups[1].Value}-{match.Groups[2].Value}"; |
353 | } | 245 | } |
354 | return string.Empty; | 246 | return string.Empty; |
355 | } | 247 | } | ... | ... |
This diff is collapsed. Click to expand it.
... | @@ -16,6 +16,9 @@ namespace VulnCrawler | ... | @@ -16,6 +16,9 @@ namespace VulnCrawler |
16 | protected override string Extension => ".py"; | 16 | protected override string Extension => ".py"; |
17 | protected override string RegexFuncPattern => $@"@@ \-(?<{OldStart}>\d+),(?<{OldLines}>\d+) \+(?<{NewStart}>\d+),(?<{NewLines}>\d+) @@ def (?<{MethodName}>\w+)"; | 17 | protected override string RegexFuncPattern => $@"@@ \-(?<{OldStart}>\d+),(?<{OldLines}>\d+) \+(?<{NewStart}>\d+),(?<{NewLines}>\d+) @@ def (?<{MethodName}>\w+)"; |
18 | protected override string ReservedFileName => "PyReserved.txt"; | 18 | protected override string ReservedFileName => "PyReserved.txt"; |
19 | + | ||
20 | + protected override string UserRegexFuncPattern => throw new NotImplementedException(); | ||
21 | + | ||
19 | public override MatchCollection GetMatches(string patchCode) { | 22 | public override MatchCollection GetMatches(string patchCode) { |
20 | //var regs = Regex.Matches(patchCode, RegexFuncPattern); | 23 | //var regs = Regex.Matches(patchCode, RegexFuncPattern); |
21 | var regs = MethodExtractor.Matches(patchCode); | 24 | var regs = MethodExtractor.Matches(patchCode); |
... | @@ -85,5 +88,10 @@ namespace VulnCrawler | ... | @@ -85,5 +88,10 @@ namespace VulnCrawler |
85 | { | 88 | { |
86 | throw new NotImplementedException(); | 89 | throw new NotImplementedException(); |
87 | } | 90 | } |
91 | + | ||
92 | + public override IDictionary<string, string> CrawlCode(StreamReader reader) | ||
93 | + { | ||
94 | + throw new NotImplementedException(); | ||
95 | + } | ||
88 | } | 96 | } |
89 | } | 97 | } | ... | ... |
... | @@ -53,6 +53,23 @@ namespace VulnCrawler | ... | @@ -53,6 +53,23 @@ namespace VulnCrawler |
53 | return 802558182 + EqualityComparer<string>.Default.GetHashCode(BlockHash); | 53 | return 802558182 + EqualityComparer<string>.Default.GetHashCode(BlockHash); |
54 | } | 54 | } |
55 | } | 55 | } |
56 | + public class Vuln_detail | ||
57 | + { | ||
58 | + public int Index { get; set; } = -1; /* index key */ | ||
59 | + public string Type { get; set; } = "NULL"; /* type */ | ||
60 | + public string Year { get; set; } = "NULL"; /* year */ | ||
61 | + public string Level { get; set; } = "NULL"; /* level */ | ||
62 | + public string UserName { get; set; } = "NULL"; /* user name */ | ||
63 | + public string Publish_date { get; set; } = "NULL"; /* Publish_date */ | ||
64 | + public string Update_date { get; set; } = "NULL"; /* Update_date */ | ||
65 | + public string CveDetail { get; set; } = "NULL"; /* cveDetail */ | ||
66 | + public string CveName { get; set; } = "NULL"; /* cve name */ | ||
67 | + public string FileName { get; set; } = "NULL"; /* FileName */ | ||
68 | + public string FuncName { get; set; } = "NULL"; /* funcName */ | ||
69 | + public string Url { get; set; } = "NULL"; /* Url */ | ||
70 | + public string Product { get; set; } | ||
71 | + | ||
72 | + } | ||
56 | //connect | 73 | //connect |
57 | public static void Connect(AWS.Account account, string dbName) | 74 | public static void Connect(AWS.Account account, string dbName) |
58 | { | 75 | { |
... | @@ -129,9 +146,7 @@ namespace VulnCrawler | ... | @@ -129,9 +146,7 @@ namespace VulnCrawler |
129 | { | 146 | { |
130 | last_vulnId = 1; | 147 | last_vulnId = 1; |
131 | } | 148 | } |
132 | - | ||
133 | Retry: | 149 | Retry: |
134 | - | ||
135 | //DB insert | 150 | //DB insert |
136 | try | 151 | try |
137 | { | 152 | { |
... | @@ -216,6 +231,50 @@ namespace VulnCrawler | ... | @@ -216,6 +231,50 @@ namespace VulnCrawler |
216 | Console.ReadLine(); | 231 | Console.ReadLine(); |
217 | } | 232 | } |
218 | } | 233 | } |
234 | + public static void InsertVulnDetail(Vuln_detail vuln) | ||
235 | + { | ||
236 | + String sql = string.Empty; | ||
237 | + MySqlCommand cmd = null; | ||
238 | + Retry: | ||
239 | + //DB insert | ||
240 | + try | ||
241 | + { | ||
242 | + cmd = new MySqlCommand | ||
243 | + { | ||
244 | + Connection = Conn, | ||
245 | + //db에 추가 | ||
246 | + CommandText = "INSERT INTO vulnDetail(type, year, level, userName, cveName, publish_date,update_date, cveDetail,fileName, funcName, url, product) VALUES(@type, @year, @level, @userName, @cveName, @publish_date,@update_date, @cveDetail,@fileName, @funcName,@url,@product)" | ||
247 | + }; | ||
248 | + cmd.Parameters.AddWithValue("@type", $"{vuln.Type}"); | ||
249 | + cmd.Parameters.AddWithValue("@year", $"{vuln.Year}"); | ||
250 | + cmd.Parameters.AddWithValue("@level", $"{vuln.Level}"); | ||
251 | + cmd.Parameters.AddWithValue("@userName", $"{vuln.UserName}"); | ||
252 | + cmd.Parameters.AddWithValue("@cveName", $"{vuln.CveName}"); | ||
253 | + cmd.Parameters.AddWithValue("@publish_date", $"{vuln.Publish_date}"); | ||
254 | + cmd.Parameters.AddWithValue("@update_date", $"{vuln.Update_date}"); | ||
255 | + cmd.Parameters.AddWithValue("@cveDetail", $"{vuln.CveDetail}"); | ||
256 | + cmd.Parameters.AddWithValue("@fileName", $"{vuln.FileName}"); | ||
257 | + cmd.Parameters.AddWithValue("@funcName", $"{vuln.FuncName}"); | ||
258 | + cmd.Parameters.AddWithValue("@url", $"{vuln.Url}"); | ||
259 | + cmd.Parameters.AddWithValue("@product", $"{vuln.Product}"); | ||
260 | + cmd.ExecuteNonQuery(); | ||
261 | + //콘솔출력용 | ||
262 | + sql = "INSERT INTO vulnDetail(type, year, level, userName, cveName, publish_date,update_date, cveDetail,fileName, funcName, url) " + | ||
263 | + $"VALUES({vuln.Type}, {vuln.Year}, {vuln.Level}, {vuln.UserName}, {vuln.CveName},{vuln.Publish_date}, {vuln.Update_date}, {vuln.CveDetail}, {vuln.FileName}, {vuln.FuncName}, {vuln.Url})"; | ||
264 | + // Console.WriteLine(sql); | ||
265 | + } | ||
266 | + catch (Exception e) | ||
267 | + { | ||
268 | + // Console.WriteLine(e.ToString()); | ||
269 | + string es = e.ToString(); | ||
270 | + if (es.Contains("Connection must be valid and open")) | ||
271 | + { | ||
272 | + Connect(Account, DbName); | ||
273 | + goto Retry; | ||
274 | + } | ||
275 | + } | ||
276 | + } | ||
277 | + | ||
219 | public static void UpdateVulnData(int _vulnId, _Vuln vuln) { | 278 | public static void UpdateVulnData(int _vulnId, _Vuln vuln) { |
220 | String sql = string.Empty; | 279 | String sql = string.Empty; |
221 | MySqlCommand cmd = null; | 280 | MySqlCommand cmd = null; |
... | @@ -401,33 +460,118 @@ namespace VulnCrawler | ... | @@ -401,33 +460,118 @@ namespace VulnCrawler |
401 | Console.ReadLine(); | 460 | Console.ReadLine(); |
402 | } | 461 | } |
403 | } | 462 | } |
404 | - public static List<_Vuln> SelectVulnbyLen(int _lenFunc) | 463 | + public static IEnumerable<_Vuln> SelectVulnbyLen(int _lenFunc) |
405 | { | 464 | { |
406 | - var list = new List<_Vuln>(); | ||
407 | String sql = string.Empty; | 465 | String sql = string.Empty; |
408 | MySqlCommand cmd = new MySqlCommand(); | 466 | MySqlCommand cmd = new MySqlCommand(); |
409 | cmd.Connection = Conn; | 467 | cmd.Connection = Conn; |
410 | cmd.CommandText = "SELECT * FROM vuln_Info where lenFunc=" + _lenFunc; | 468 | cmd.CommandText = "SELECT * FROM vuln_Info where lenFunc=" + _lenFunc; |
411 | 469 | ||
412 | System.Data.DataSet ds = new System.Data.DataSet(); | 470 | System.Data.DataSet ds = new System.Data.DataSet(); |
413 | - MySqlDataAdapter da = new MySqlDataAdapter("SELECT * FROM vuln_Info where lenFunc=" + _lenFunc, Conn); | 471 | + MySqlDataAdapter da = new MySqlDataAdapter(cmd.CommandText, Conn); |
414 | da.Fill(ds); | 472 | da.Fill(ds); |
415 | 473 | ||
416 | //vuln에 입력 | 474 | //vuln에 입력 |
417 | foreach (System.Data.DataRow row in ds.Tables[0].Rows) | 475 | foreach (System.Data.DataRow row in ds.Tables[0].Rows) |
418 | { | 476 | { |
419 | - _Vuln vuln = new _Vuln(); | 477 | + _Vuln vuln = new _Vuln |
420 | - vuln.VulnId = Convert.ToInt32(row["vulnId"]); | 478 | + { |
421 | - vuln.Cve = Convert.ToString(row["cve"]); | 479 | + VulnId = Convert.ToInt32(row["vulnId"]), |
422 | - vuln.FuncName = Convert.ToString(row["funcName"]); | 480 | + Cve = Convert.ToString(row["cve"]), |
423 | - vuln.LenFunc = Convert.ToInt32(row["lenFunc"]); | 481 | + FuncName = Convert.ToString(row["funcName"]), |
424 | - vuln.Code = Convert.ToString(row["code"]); | 482 | + LenFunc = Convert.ToInt32(row["lenFunc"]), |
425 | - vuln.BlockHash = Convert.ToString(row["blockHash"]); | 483 | + Code = Convert.ToString(row["code"]), |
426 | - vuln.Url = Convert.ToString(row["url"]); | 484 | + BlockHash = Convert.ToString(row["blockHash"]), |
427 | - list.Add(vuln); | 485 | + Url = Convert.ToString(row["url"]) |
486 | + }; | ||
487 | + yield return vuln; | ||
488 | + } | ||
489 | + } | ||
490 | + public static IEnumerable<_Vuln> SelectVulnbyCve(string _cve) | ||
491 | + { | ||
492 | + String sql = string.Empty; | ||
493 | + MySqlCommand cmd = new MySqlCommand(); | ||
494 | + cmd.Connection = Conn; | ||
495 | + cmd.CommandText = $"SELECT * FROM vuln_Info where cve='" + _cve + $"'"; | ||
496 | + | ||
497 | + System.Data.DataSet ds = new System.Data.DataSet(); | ||
498 | + MySqlDataAdapter da = new MySqlDataAdapter(cmd.CommandText, Conn); | ||
499 | + da.Fill(ds); | ||
500 | + //vuln에 입력 | ||
501 | + foreach (System.Data.DataRow row in ds.Tables[0].Rows) | ||
502 | + { | ||
503 | + _Vuln vuln = new _Vuln | ||
504 | + { | ||
505 | + VulnId = Convert.ToInt32(row["vulnId"]), | ||
506 | + Cve = Convert.ToString(row["cve"]), | ||
507 | + FuncName = Convert.ToString(row["funcName"]), | ||
508 | + LenFunc = Convert.ToInt32(row["lenFunc"]), | ||
509 | + Code = Convert.ToString(row["code"]), | ||
510 | + BlockHash = Convert.ToString(row["blockHash"]), | ||
511 | + Url = Convert.ToString(row["url"]) | ||
512 | + }; | ||
513 | + yield return vuln; | ||
514 | + } | ||
515 | + } | ||
516 | + public static IEnumerable<string> SelectRepositbyName(string _username) | ||
517 | + { | ||
518 | + String sql = string.Empty; | ||
519 | + MySqlCommand cmd = new MySqlCommand(); | ||
520 | + cmd.Connection = Conn; | ||
521 | + cmd.CommandText = "SELECT repository FROM vuln.auth_user WHERE username = '" + _username + "'"; | ||
522 | + string a = null; | ||
523 | + | ||
524 | + //sql console write 확인용 | ||
525 | + Console.Write(cmd.CommandText); | ||
526 | + | ||
527 | + System.Data.DataSet ds = new System.Data.DataSet(); | ||
528 | + MySqlDataAdapter da = new MySqlDataAdapter(cmd.CommandText, Conn); | ||
529 | + da.Fill(ds); | ||
530 | + //string을 넣음 | ||
531 | + foreach (System.Data.DataRow row in ds.Tables[0].Rows) | ||
532 | + { | ||
533 | + a = Convert.ToString(row["repository"]); | ||
534 | + yield return a; | ||
535 | + } | ||
536 | + } | ||
537 | + public static IEnumerable<(string userName, string repository)> SelectAllReposit() | ||
538 | + { | ||
539 | + String sql = string.Empty; | ||
540 | + MySqlCommand cmd = new MySqlCommand | ||
541 | + { | ||
542 | + Connection = Conn, | ||
543 | + CommandText = "SELECT username, repository FROM vuln.auth_user " | ||
544 | + }; | ||
545 | + System.Data.DataSet ds = new System.Data.DataSet(); | ||
546 | + MySqlDataAdapter da = new MySqlDataAdapter(cmd.CommandText, Conn); | ||
547 | + da.Fill(ds); | ||
548 | + //vuln에 입력 | ||
549 | + foreach (System.Data.DataRow row in ds.Tables[0].Rows) | ||
550 | + { | ||
551 | + string repo = Convert.ToString(row["repository"]); | ||
552 | + string user = Convert.ToString(row["username"]); | ||
553 | + yield return (user, repo); | ||
554 | + } | ||
555 | + } | ||
556 | + public static IEnumerable<string> SelectReposit_detail() | ||
557 | + { | ||
558 | + String sql = string.Empty; | ||
559 | + MySqlCommand cmd = new MySqlCommand(); | ||
560 | + cmd.Connection = Conn; | ||
561 | + cmd.CommandText = "SELECT url FROM vulnDetail "; | ||
562 | + string a = null; | ||
563 | + | ||
564 | + System.Data.DataSet ds = new System.Data.DataSet(); | ||
565 | + MySqlDataAdapter da = new MySqlDataAdapter(cmd.CommandText, Conn); | ||
566 | + da.Fill(ds); | ||
567 | + //vuln에 입력 | ||
568 | + foreach (System.Data.DataRow row in ds.Tables[0].Rows) | ||
569 | + { | ||
570 | + a = Convert.ToString(row["url"]); | ||
571 | + Console.WriteLine(a); | ||
572 | + | ||
573 | + yield return a; | ||
428 | } | 574 | } |
429 | - //해당 list 반환 | ||
430 | - return list; | ||
431 | } | 575 | } |
432 | 576 | ||
433 | } | 577 | } | ... | ... |
... | @@ -30,7 +30,6 @@ namespace VulnCrawler | ... | @@ -30,7 +30,6 @@ namespace VulnCrawler |
30 | } | 30 | } |
31 | foreach (var commit in commits) { | 31 | foreach (var commit in commits) { |
32 | // 커밋 메시지 | 32 | // 커밋 메시지 |
33 | - | ||
34 | count++; | 33 | count++; |
35 | double per = ((double)count / (double)totalCount) * 100; | 34 | double per = ((double)count / (double)totalCount) * 100; |
36 | 35 | ||
... | @@ -46,23 +45,35 @@ namespace VulnCrawler | ... | @@ -46,23 +45,35 @@ namespace VulnCrawler |
46 | string commitUrl = $"{crawler.PushUrl}/commit/{commit.Sha}"; | 45 | string commitUrl = $"{crawler.PushUrl}/commit/{commit.Sha}"; |
47 | 46 | ||
48 | foreach (var parent in commit.Parents) { | 47 | foreach (var parent in commit.Parents) { |
49 | - | ||
50 | try | 48 | try |
51 | { | 49 | { |
50 | + | ||
51 | + | ||
52 | // 부모 커밋과 현재 커밋을 Compare 하여 패치 내역을 가져옴 | 52 | // 부모 커밋과 현재 커밋을 Compare 하여 패치 내역을 가져옴 |
53 | var patch = crawler.Repository.Diff.Compare<Patch>(parent.Tree, commit.Tree); | 53 | var patch = crawler.Repository.Diff.Compare<Patch>(parent.Tree, commit.Tree); |
54 | + | ||
54 | // 패치 엔트리 파일 배열 중에 파일 확장자가 .py인 것만 가져옴 | 55 | // 패치 엔트리 파일 배열 중에 파일 확장자가 .py인 것만 가져옴 |
55 | // (실질적인 코드 변경 커밋만 보기 위해서) | 56 | // (실질적인 코드 변경 커밋만 보기 위해서) |
56 | var entrys = crawler.GetPatchEntryChanges(patch); | 57 | var entrys = crawler.GetPatchEntryChanges(patch); |
58 | + if (entrys.Count() > 100) | ||
59 | + { | ||
60 | + // continue; | ||
61 | + } | ||
57 | /* C:\VulnC\linux 라면 linux만 뽑아서 repoName에 저장 */ | 62 | /* C:\VulnC\linux 라면 linux만 뽑아서 repoName에 저장 */ |
58 | var dsp = dirPath.Split(Path.DirectorySeparatorChar); | 63 | var dsp = dirPath.Split(Path.DirectorySeparatorChar); |
59 | string repoName = dsp[dsp.Length - 1]; | 64 | string repoName = dsp[dsp.Length - 1]; |
60 | // 현재 커밋에 대한 패치 엔트리 배열을 출력함 | 65 | // 현재 커밋에 대한 패치 엔트리 배열을 출력함 |
61 | PrintPatchEntrys(entrys, crawler, message, cve, repoName, commitUrl); | 66 | PrintPatchEntrys(entrys, crawler, message, cve, repoName, commitUrl); |
62 | // Console.ReadLine(); | 67 | // Console.ReadLine(); |
68 | + break; | ||
69 | + | ||
70 | + } | ||
71 | + catch(Exception e) | ||
72 | + { | ||
73 | + break; | ||
74 | + //Console.WriteLine(e.ToString()); | ||
75 | + //Console.ReadLine(); | ||
63 | } | 76 | } |
64 | - catch(Exception) | ||
65 | - { } | ||
66 | } | 77 | } |
67 | } | 78 | } |
68 | } | 79 | } |
... | @@ -133,7 +144,7 @@ namespace VulnCrawler | ... | @@ -133,7 +144,7 @@ namespace VulnCrawler |
133 | #endregion | 144 | #endregion |
134 | 145 | ||
135 | } | 146 | } |
136 | - catch (Exception e) | 147 | + catch (Exception) |
137 | { | 148 | { |
138 | continue; | 149 | continue; |
139 | } | 150 | } | ... | ... |
This diff is collapsed. Click to expand it.
... | @@ -33,8 +33,14 @@ | ... | @@ -33,8 +33,14 @@ |
33 | </PropertyGroup> | 33 | </PropertyGroup> |
34 | <ItemGroup> | 34 | <ItemGroup> |
35 | <Reference Include="MySql.Data, Version=8.0.10.0, Culture=neutral, PublicKeyToken=c5687fc88969c44d, processorArchitecture=MSIL" /> | 35 | <Reference Include="MySql.Data, Version=8.0.10.0, Culture=neutral, PublicKeyToken=c5687fc88969c44d, processorArchitecture=MSIL" /> |
36 | + <Reference Include="Newtonsoft.Json, Version=11.0.0.0, Culture=neutral, PublicKeyToken=30ad4fe6b2a6aeed, processorArchitecture=MSIL"> | ||
37 | + <HintPath>..\packages\Newtonsoft.Json.11.0.2\lib\net45\Newtonsoft.Json.dll</HintPath> | ||
38 | + </Reference> | ||
36 | <Reference Include="System" /> | 39 | <Reference Include="System" /> |
37 | <Reference Include="System.Core" /> | 40 | <Reference Include="System.Core" /> |
41 | + <Reference Include="System.ValueTuple, Version=4.0.3.0, Culture=neutral, PublicKeyToken=cc7b13ffcd2ddd51, processorArchitecture=MSIL"> | ||
42 | + <HintPath>..\packages\System.ValueTuple.4.5.0\lib\net461\System.ValueTuple.dll</HintPath> | ||
43 | + </Reference> | ||
38 | <Reference Include="System.Xml.Linq" /> | 44 | <Reference Include="System.Xml.Linq" /> |
39 | <Reference Include="System.Data.DataSetExtensions" /> | 45 | <Reference Include="System.Data.DataSetExtensions" /> |
40 | <Reference Include="Microsoft.CSharp" /> | 46 | <Reference Include="Microsoft.CSharp" /> |
... | @@ -49,6 +55,7 @@ | ... | @@ -49,6 +55,7 @@ |
49 | </ItemGroup> | 55 | </ItemGroup> |
50 | <ItemGroup> | 56 | <ItemGroup> |
51 | <None Include="App.config" /> | 57 | <None Include="App.config" /> |
58 | + <None Include="packages.config" /> | ||
52 | </ItemGroup> | 59 | </ItemGroup> |
53 | <ItemGroup> | 60 | <ItemGroup> |
54 | <ProjectReference Include="..\VulnCrawler\VulnCrawler.csproj"> | 61 | <ProjectReference Include="..\VulnCrawler\VulnCrawler.csproj"> | ... | ... |
-
Please register or login to post a comment